package studio.banner.reference.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import studio.banner.reference.entity.UserInfo;
import studio.banner.reference.entity.UserLogin;
import studio.banner.reference.service.UserInfoService;
import studio.banner.reference.service.UserLoginService;
import studio.banner.reference.util.ResultBean;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

@RequestMapping("/login")
@Controller
public class UserLoginController {
    @Autowired
    private UserInfoService userInfoService;
    @Autowired
    private UserLoginService userLoginService;
    private UserLogin userLogin = null;


    /*
     * 用户登录验证
     */
    @RequestMapping("/userLogin")
    @ResponseBody
    public ResultBean userLogin(HttpServletRequest request, HttpServletResponse response) throws IOException {
        ResultBean resultBean = new ResultBean();
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        // 获取subject
        Subject subject = SecurityUtils.getSubject();
        // 封装用户数据
        UsernamePasswordToken userToken = new UsernamePasswordToken(username, password);
        try {
            subject.login(userToken);
            if (subject.isAuthenticated()) {
                UserInfo result = userInfoService.findUserLoginandreturnUserLogin(username);
                //转到管理员界面
                if (result != null) {
                    HttpSession session = request.getSession();
                    session.setAttribute("userId", result.getId());
                    session.setAttribute("studentId", result.getStudentid());
                    if (result.getRole().equals("admin")) {
                        resultBean.setData("admin");
                    } else {
                        resultBean.setData("user");
                    }
                }
            } else {
                resultBean.setCode(-1);
            }
        } catch (UnknownAccountException e) {
            new ResultBean<>(0);
        } catch (IncorrectCredentialsException e) {
            new ResultBean<>(0);
        }
        return resultBean;
    }

    /*
     * 根据用户名更新password
     */
    @RequestMapping("/updatepassword")
    public ResultBean<Integer> updatepassword(@RequestParam("password") String password,
                                              HttpSession session) {
        userLogin = new UserLogin();
        userLogin.setPassword(password);
        userLogin.setUsername((String) session.getAttribute("studentid"));
        return new ResultBean<>(userLoginService.update(userLogin));
    }

    @RequestMapping(value = "/logout", method = RequestMethod.GET)
    public String logout() {
        Subject subject = SecurityUtils.getSubject();
        //注销
        subject.logout();
        return "index";
    }

    //	没有权限
    @RequestMapping(value = "/notRole", method = RequestMethod.GET)
    public ResultBean<Integer> notRole() {
        return new ResultBean<>(2);
    }

}

